{
"info": {
"author": "Pier Carlo Chiodi",
"author_email": "pierky@pierky.com",
"bugtrack_url": null,
"classifiers": [
"Development Status :: 4 - Beta",
"Environment :: Console",
"Intended Audience :: Information Technology",
"Intended Audience :: System Administrators",
"Intended Audience :: Telecommunications Industry",
"License :: OSI Approved :: GNU General Public License v3 (GPLv3)",
"Operating System :: POSIX",
"Operating System :: Unix",
"Programming Language :: Python",
"Programming Language :: Python :: 2.7",
"Programming Language :: Python :: 3.4",
"Topic :: Internet :: WWW/HTTP",
"Topic :: Security",
"Topic :: System :: Networking",
"Topic :: System :: Networking :: Firewalls"
],
"description": "IP Block Lists Aggregator\n=========================\n\nA Python tool that downloads IP block lists from various sources and builds configurations for network equipments and firewalls.\n\nInstallation\n------------\n\nInstallation using ``pip``:\n\n.. code:: bash\n\n $ pip install blocklistsaggregator\n\nEditable Installation using your GitHub forked repository and ``virtualenv``:\n\n.. code:: bash\n\n $ mkdir blocklistsaggregator\n $ cd blocklistsaggregator\n $ virtualenv venv\n $ source venv/bin/activate\n $ pip install -e git+https://github.com/YOUR_USERNAME/blocklistsaggregator.git#egg=blocklistsaggregator\n\nUsage\n-----\n\nIt's a command line tool, the ``--help`` is your friend! Some examples are worth a thousand words.\n\n- Download and display entries from all the configured block lists:\n\n .. code:: bash\n\n $ blocklistsaggregator.py\n\n- Only from `Ransomware Tracker RW_IPBL `_ and `DROP `_:\n\n .. code:: bash\n\n $ blocklistsaggregator.py --lists rw_ipbl drop\n\n- Download entries from all the configured lists and save them in JSON format into ``all.json``:\n\n .. code:: bash\n\n $ blocklistsaggregator.py -f json -o all.json\n\n- Read the previously saved entries from ``all.json`` and display them in a Cisco IOS prefix-list style:\n\n .. code:: bash\n\n $ blocklistsaggregator.py -i all.json -f cisco-ios\n\n- From the previously saved entries, filter out those falling in 6.0.0.0/8 and those with a prefix-len shorter than /24 and save them into ``cisco.acl`` in a Cisco ACL style with name *BADGUYS*:\n\n .. code:: bash\n\n $ blocklistsaggregator.py -i all.json --exclude 6.0.0.0/8 --exclude-ipv4-shorter-than 24 -o cisco.acl -f cisco-ios --cisco-cfg-element acl_source --cisco-cfg-element-name BADGUYS\n\n- Prepare an ``ip route null0`` command for each IPv4 entry in `DROP `_:\n\n .. code:: bash\n\n $ blocklistsaggregator.py --lists drop -4 --lines-format \"ip route {network} {netmask} null0\"\n\n- Download standard block lists and output them in a Mikrotik address-list format into ``addMalwareIPs.rsc``; save lists into ``/tmp`` and, in case of failure during one of the next executions, reuse them to build the output:\n\n .. code:: bash\n\n $ blocklistsaggregator --output addMalwareIPs.rsc --output-format mikrotik --mikrotik-address-list-name addressListMalware --lists-storage-dir /tmp/ --recover-from-file\n\nLogging\n+++++++\n\nError logging and reporting can be configured in order to have feedback about BlockListsAggregator's activity. The ``--logging-config-file`` option can be set to the path of a configuration file in `Python's logging.fileConfig() format `_. An example is provided within the ``distrib/log.ini`` file (`here the file hosted on GitHub `_).\n\nSource block lists\n++++++++++++++++++\n\nThe following block lists are currenly implemented:\n\n- rw_ipbl, `Ransomware Tracker RW_IPBL `_\n- rw_dombl, `Ransomware Tracker RW_DOMBL `_ (please read below)\n- rw_urlbl, `Ransomware Tracker RW_URLBL `_ (please read below)\n- drop, `Spamhaus DROP `_\n- drop_v6, `Spamhaus DROPv6 `_\n- edrop, `Spamhaus EDROP `_\n- feodo_badip, `Feodo BadIP `_\n- feodo_ip, `Feodo IP `_\n- palevo, `Palevo C&C `_\n- zeus, `ZeuS `_\n- bambenek_c2, `Bambenek Consulting C2 master feed `_\n\n**Warning for RW_DOMBL and RW_URLBL**: the program extracts the domain names reported into these lists to resolve the IP addresses and uses them for the output. This may result in an overblocking behaviour because these filters should be applied with a more granular level than layer-3 addresses. These lists are not used by default unless explicitly given via the command line `--lists` or `--lists-include` arguments.\n\nA list of block-lists can be found on http://iplists.firehol.org/\n\nOutput options\n++++++++++++++\n\nThe following output formats are currenly implemented:\n\n- JSON\n- lines (with macros)\n- Cisco IOS prefix-list\n- Cisco IOS ACL (source-based, destination-based, permit/deny actions)\n- Mikrotik RouterOS address-list\n\nStatus\n------\n\nThis tool is currently in **beta**: some field tests have been done but it needs to be tested deeply and on more scenarios.\n\nMoreover, contributions (fixes to code and to grammatical errors, typos, new features) are very much appreciated. \n\nBug? Issues?\n------------\n\nBut also suggestions? New ideas?\n\nPlease create an issue on GitHub at https://github.com/pierky/blocklistsaggregator/issues\n\nAuthor\n------\n\nPier Carlo Chiodi - https://pierky.com\n\nBlog: https://blog.pierky.com Twitter: `@pierky `_\n\n\nChangelog\n=========\n\n0.5.1\n-----\n\n- Fix a bug in the packaging system.\n\n0.5.0\n-----\n\n- Better empty lines detection for RW_IPBL.\n- Add `--lists-include` and `--lists-exclude` arguments.\n- Add `rw_dombl` and `rw_urlbl` lists (`Ransomware Tracker RW_DOMBL and RW_URLBL `_).\n\n Warning: the program extracts the domain names reported into these lists to resolve the IP addresses and uses them for the output. This may result in an overblocking behaviour because these filters should be applied with a more granular level than layer-3 addresses. These lists are not used by default unless explicitly given via the command line `--lists` or `--lists-include` arguments.\n\n0.4.1\n-----\n\n- Fix issue with RW_IPBL entries counter.\n\n It seems that RW_IPBL is having some issues with the number of entries reported in the last line.\n If an empty line is found it's counted as an entry, so last line's counter reports a wrong number.\n Trying to mitigate this behaviour.\n\n0.4.0\n-----\n\n- Add `drop_v6` list (`Spamhaus DROPv6 `_).\n\n0.3.0\n-----\n\n- Add `--lists-storage-dir` and `--recover-from-file` arguments to save lists into files and reuse them in case of failure of next updates.\n\n0.2.0\n-----\n\nPlease note: JSON files saved with the previous version are not compatible with this one; blocklists must be downloaded and saved again to work.\n\n- Keep track of source blocklist for each entry.\n- Add `bl_ids` and `bl_names` macros to the `lines` formatter.\n- Add a comment containing the source blocklist to each Mikrotik RouterOS address-list entry.\n\n0.1.0\n-----\n\nFirst release (beta)",
"description_content_type": null,
"docs_url": null,
"download_url": "https://github.com/pierky/blocklistsaggregator",
"downloads": {
"last_day": -1,
"last_month": -1,
"last_week": -1
},
"home_page": "https://github.com/pierky/blocklistsaggregator",
"keywords": "Malware,Spam,BlockList,Networking",
"license": "GPLv3",
"maintainer": null,
"maintainer_email": null,
"name": "blocklistsaggregator",
"package_url": "https://pypi.org/project/blocklistsaggregator/",
"platform": "UNKNOWN",
"project_url": "https://pypi.org/project/blocklistsaggregator/",
"project_urls": {
"Download": "https://github.com/pierky/blocklistsaggregator",
"Homepage": "https://github.com/pierky/blocklistsaggregator"
},
"release_url": "https://pypi.org/project/blocklistsaggregator/0.5.1/",
"requires_dist": null,
"requires_python": null,
"summary": "A Python tool that downloads IP block lists from various sources and builds configurations for network equipments and firewalls.",
"version": "0.5.1"
},
"last_serial": 2541145,
"releases": {
"0.0.1": [
{
"comment_text": "",
"digests": {
"md5": "f217b619474717b578c9a31177fa5449",
"sha256": "1eba7e746525e6125006885197aff0a8f586d03ca3eb9f42874bc299ef3c047d"
},
"downloads": -1,
"filename": "blocklistsaggregator-0.0.1.tar.gz",
"has_sig": false,
"md5_digest": "f217b619474717b578c9a31177fa5449",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 25003,
"upload_time": "2016-06-23T21:13:14",
"url": "https://files.pythonhosted.org/packages/5d/de/440738df001a7dad71b03de87d003f9cf54c4b6ae23271f5f5b7abbdbc68/blocklistsaggregator-0.0.1.tar.gz"
}
],
"0.2.0": [
{
"comment_text": "",
"digests": {
"md5": "4f35897805ea8cb811b22212f93f3398",
"sha256": "0aefc603d2765674d24c427c642dbce87660a8a6261275a055a7571cfd5585cb"
},
"downloads": -1,
"filename": "blocklistsaggregator-0.2.0.tar.gz",
"has_sig": false,
"md5_digest": "4f35897805ea8cb811b22212f93f3398",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 25703,
"upload_time": "2016-06-27T12:52:40",
"url": "https://files.pythonhosted.org/packages/53/76/540c16ba4e34e232e717e52cfb6072df5d7ab7aac139ecd25f1cf6390c1a/blocklistsaggregator-0.2.0.tar.gz"
}
],
"0.3.0": [
{
"comment_text": "",
"digests": {
"md5": "173df538072387f2d7a2062652416db4",
"sha256": "5762fece23e97ad1249429bc43d6e3d6c55077aa1136d4cdb11999b00871b00b"
},
"downloads": -1,
"filename": "blocklistsaggregator-0.3.0.tar.gz",
"has_sig": false,
"md5_digest": "173df538072387f2d7a2062652416db4",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 26260,
"upload_time": "2016-07-05T20:56:52",
"url": "https://files.pythonhosted.org/packages/25/70/a78dedf1a9bc385664d6ef849395f8135e673f6892cf02d78f541a361aa7/blocklistsaggregator-0.3.0.tar.gz"
}
],
"0.4.0": [
{
"comment_text": "",
"digests": {
"md5": "397f28252667f202c3f54b37ff76357f",
"sha256": "2543b9651a4ffe7d38bdf0f8c47029a0c6b88bbfd9f4120622b3456c4ff22507"
},
"downloads": -1,
"filename": "blocklistsaggregator-0.4.0.tar.gz",
"has_sig": false,
"md5_digest": "397f28252667f202c3f54b37ff76357f",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 26362,
"upload_time": "2016-07-06T17:08:46",
"url": "https://files.pythonhosted.org/packages/a1/c6/f0d486c88d3161e5586355777c45fd31f31177dce75921d6f590ee685182/blocklistsaggregator-0.4.0.tar.gz"
}
],
"0.4.1": [
{
"comment_text": "",
"digests": {
"md5": "3c8ed7f6d31cbd80de58b211ed096e39",
"sha256": "6b13d4c36472c464779a9e805c86379bd91c82054438623df174e04ba584c491"
},
"downloads": -1,
"filename": "blocklistsaggregator-0.4.1.tar.gz",
"has_sig": false,
"md5_digest": "3c8ed7f6d31cbd80de58b211ed096e39",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 26726,
"upload_time": "2016-08-01T17:58:04",
"url": "https://files.pythonhosted.org/packages/3b/5e/bcdcc922b961bed9c390651badf06070aa0fc17bd056274af2d971e11841/blocklistsaggregator-0.4.1.tar.gz"
}
],
"0.5.0": [
{
"comment_text": "",
"digests": {
"md5": "6bec7ca539378d6631e27638caf3ad5c",
"sha256": "846915ba295bce861aeb010042671e04ca7590423b4adfd559180d252b2fd606"
},
"downloads": -1,
"filename": "blocklistsaggregator-0.5.0.tar.gz",
"has_sig": false,
"md5_digest": "6bec7ca539378d6631e27638caf3ad5c",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 29000,
"upload_time": "2016-08-04T20:35:06",
"url": "https://files.pythonhosted.org/packages/22/fd/7cd3202791e86a8c1e387719e2f3f2594c1be58b1406f84cbc3aef291eec/blocklistsaggregator-0.5.0.tar.gz"
}
],
"0.5.1": [
{
"comment_text": "",
"digests": {
"md5": "27df035c4d0cb716b33c47d84edb5c5d",
"sha256": "170d5075666bb0a6fcf6f24660fa9c9b9e2b3cf77f5e2d0e785eb2cb3ff2a51c"
},
"downloads": -1,
"filename": "blocklistsaggregator-0.5.1.tar.gz",
"has_sig": false,
"md5_digest": "27df035c4d0cb716b33c47d84edb5c5d",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 29276,
"upload_time": "2016-12-27T18:13:14",
"url": "https://files.pythonhosted.org/packages/f7/dd/61de73e6eccc0e747280a6c90890d0032929451098c30991e3f79925aa72/blocklistsaggregator-0.5.1.tar.gz"
}
]
},
"urls": [
{
"comment_text": "",
"digests": {
"md5": "27df035c4d0cb716b33c47d84edb5c5d",
"sha256": "170d5075666bb0a6fcf6f24660fa9c9b9e2b3cf77f5e2d0e785eb2cb3ff2a51c"
},
"downloads": -1,
"filename": "blocklistsaggregator-0.5.1.tar.gz",
"has_sig": false,
"md5_digest": "27df035c4d0cb716b33c47d84edb5c5d",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 29276,
"upload_time": "2016-12-27T18:13:14",
"url": "https://files.pythonhosted.org/packages/f7/dd/61de73e6eccc0e747280a6c90890d0032929451098c30991e3f79925aa72/blocklistsaggregator-0.5.1.tar.gz"
}
]
}